Privacy Policy

Segra ("we", "us", or "our") provides a training management and analytics platform for endurance athletes and coaches. This Privacy Policy describes what information we collect, how we use it, and the choices you have.

By creating an account or using Segra, you agree to the practices described here. If you do not agree, please do not use the service.

We collect information in the following categories:

• Account information: email address, display name, username, role (athlete or coach), and authentication data managed through Supabase.
• Profile and physical data: date of birth, weight, height, maximum heart rate, and custom heart-rate zones that you provide in settings.
• Training data: sessions synced from Strava or entered manually, including distance, duration, pace, speed, elevation, heart-rate streams, zone distributions, session notes, and activity types.
• Planning data: weekly training plans, annual overviews, reusable templates, and saved sessions organised in folders.
• Performance test data: test protocols, logged results, and any notes you attach to entries.
• Health and recovery data: readiness entries, wellness metrics, and related trend data you log in the health section.
• Coach–athlete relationship data: invitations, connection status, and shared access permissions between coaches and athletes.
• Integration data: when you connect Strava, we receive OAuth tokens and activity data authorised by you, as well as webhook notifications for new activities.
• Usage and analytics data: pages visited, referral source, approximate country derived from IP address, browser, device type, and operating system, collected through privacy-focused, cookieless web analytics provided by our hosting infrastructure.
• Technical data: cookies and local storage for authentication and interface preferences. See our Cookie Policy for details.

We use your information to:

• Provide, operate, and maintain the Segra platform
• Authenticate you and keep your account secure
• Sync, store, and display your training sessions and analytics
• Enable training planning, performance testing, and health tracking features
• Allow coaches you connect with to view your training data within the app
• Process Strava integrations and keep synced data up to date
• Respond to support requests and communicate about the service
• Improve reliability, fix bugs, and develop new features
• Measure traffic, understand how visitors use the website, and improve the user experience through cookieless web analytics

We do not sell your personal data. Usage analytics are collected in a privacy-focused, cookieless manner and are used solely to understand and improve the Service. We do not use your training data for advertising.

We share information only in these circumstances:

• With your coach: if you accept a coach invitation, that coach can access your training data within Segra to support your training. You control this relationship and can end it at any time.
• With service providers: we use trusted third-party providers to run the service, including a cloud hosting provider (application hosting and cookieless web analytics), Supabase (database and authentication), and Strava (when you choose to connect). These providers process data on our behalf under contractual obligations.
• For legal reasons: we may disclose information if required by law, regulation, legal process, or to protect the rights and safety of users and the public.

We rely on the following categories of service providers to operate Segra. Where a provider is directly relevant to your data, we name them below:

We may update this list as our infrastructure changes. Material changes will be reflected in this policy.

Your account and training data are stored in secure cloud infrastructure provided by Supabase. Data is associated with your user account and is not publicly accessible.

Some interface preferences, such as sidebar state or local view settings, may be stored in your browser using cookies or local storage to improve your experience.

We retain your data for as long as your account is active or as needed to provide the service. If you delete your account, we will delete or anonymise your personal and training data within a reasonable period, except where we are required to retain certain information for legal, security, or fraud-prevention purposes.

Disconnecting Strava stops future syncing but does not automatically delete previously imported sessions. You can remove synced data separately within the app.

Depending on where you live, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate profile or account information
• Delete your account and associated data
• Disconnect third-party integrations such as Strava
• Withdraw consent for optional data processing where applicable
• Object to or restrict certain processing, where provided by law

Our web analytics service is cookieless and does not require a separate opt-out cookie. You can limit analytics collection through your browser's privacy settings or content blockers if you prefer.

You can manage most settings directly in the app. For other requests, contact us at contact@segra.app.

We take reasonable technical and organisational measures to protect your data, including encrypted connections, access controls, and secure authentication. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

You are responsible for keeping your login credentials safe and for activity that occurs under your account.

Segra is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be communicated through the app or by email where appropriate. Continued use of Segra after changes take effect constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or how we handle your data, contact us at contact@segra.app.